Russian hackers target Australian small business

Russian hackers are targeting Australian small businesses, including schools and medical centres, hijacking their data and holding it for ransom.

Transcript

CHRIS UHLMANN, PRESENTER: You turn up to work, log on to your computer and every file has been encrypted. At the top of your inbox is an extortion email demanding money in return for a code that will unlock your data. It's a type of hacking known as ransomware, a cyber crime that's on the rise and targeting small businesses. Peter McCutcheon reports.

FRANK BINKLEY, BYRON BAY COMMUNITY SCHOOL: On a Monday morning when I walked into school and the It guy who does our IT in the school said, "We've got a big problem. We've been hacked."

PETER MCCUTCHEON, REPORTER: Frank Binkley manages the finances of a private primary school in Byron Bay. He's still puzzled as to why cyber criminals would set their sights on such a small target with their latest weapon, ransomware.

Did you ever think that your school would be a target for something like this?

FRANK BINKLEY: Never even heard of ransomware before this. And the analogy I use is these guys have just taken hacking to a higher degree.

PETER MCCUTCHEON: Hackers have been holding data for ransom for more than 20 years. But it's only in the past few months that a more sophisticated form of this cyber crime has emerged in Australia.

ALASTAIR MACGIBBON, CENTRE FOR INTERNET SAFETY: It's most likely to be reasonably random, very broad approach. We've seen a range of businesses attacked.

PETER MCCUTCHEON: Hackers get into a database and encrypt all the information, effectively locking it up and demanding payment before they release it.

ALASTAIR MACGIBBON: They're literally trawling the web for cash. and if they can get $2,000 or $3,000 out of a small business that's based in Byron Bay, then they'll do that.

PETER MCCUTCHEON: The hackers who got into the Byron Bay school first asked for $4,000 to unlock the files.

$4,000 is not a lot of money in the scheme of things. Did you ever think about paying up?

FRANK BINKLEY: Absolutely. I did a get the guy initially. His name was Jack Williams. That was his alias. And I got him down to $2,000.

PETER MCCUTCHEON: How did you do that?

FRANK BINKLEY: Oh, just negotiating through emails saying, "Look, we're a small little school, we're 100 kids, why are you doing this to us?"

PETER MCCUTCHEON: The school even prepared its own video pleading for mercy.

SCHOOL CHILDREN: (In unison) G'day, Jack Williams. We are the kids of Byron Community Primary School. Please, please, don't take our money.

PETER MCCUTCHEON: In the end the school didn't send the video nor pay any money. The school board thought it was too great a risk. IT specialists recovered some data, but a lot was lost forever. Security specialists say the school was wise not to pay.

GRAHAM INGRAM, AUSCERT: There's no guarantee that we will actually get your data back. And the second thing is you make yourself a - you get a big gold star as the next target 'cause they'll come back.

PETER MCCUTCHEON: Graham Ingram runs the AusCERT security service based at the University of Queensland. He's expecting an increase in these types of attacks.

GRAHAM INGRAM: A business model is being refined and it's being developed and it's getting better. They're getting the bugs out of it, knowing who to go after, how to do this. I don't see it going away anytime soon.

PETER MCCUTCHEON: And don't think you're safe just because you have antivirus software.

Did you ever think you'd be vulnerable to this type of attack?

DAVID WOOD, MIAMI FAMILY MEDICAL CENTRE: No.

PETER MCCUTCHEON: Why not?

DAVID WOOD: Well because we've got a business grade broadband plan with a business grade firewall router which was updated recently, as recently as June, and we have a very good antivirus program running on all the systems as well.

PETER MCCUTCHEON: So as far as you were concerned, you had state-of-the-art security?

DAVID WOOD: As far as we concerned, yes.

PETER MCCUTCHEON: The Miami Family Medical Centre on the Gold Coast was hit by the ransomware racquet earlier this month. Although it managed to recover most of the locked files through old backups, the experience has taken its toll.

How much has all this cost you?

DAVID WOOD: I shudder to think.

PETER MCCUTCHEON: The Queensland Police Service says they've investigated 11 similar attacks this year suspected to originate from Russia and mostly aimed at medical clinics that. That may be a coincidence. But it's also a reminder to doctors that they're sitting on very valuable information.

MUKESH HAIKERWAL, E-HEALTH ADVISOR: Now we've gone to a much more complex system with a server and also connections to the internet which means that vulnerability's increased dramatically.

PETER MCCUTCHEON: Dr Mukesh Haikerwal is a clinical consultant to national e-health programs, including online access to personal health records.

MUKESH HAIKERWAL: There is a much greater recognition of the need to be more vigilant, eternally vigilant about the way in which our IT systems are set up.

PETER MCCUTCHEON: So far these ransomware attacks have focused on small to medium-sized businesses. But IT experts say it would be wrong to assume that's where hackers will focus in the future.

GRAHAM INGRAM: There's no reason to believe that this ransomware would not work on a large enterprise. And you can imagine a very, very large top 500 company for example having ransomware. I mean, it could absolutely devastate that company if they've got no capacity.

ALASTAIR MACGIBBON: No online criminal cares where the cash comes from. I say essentially that they're agnostic about the colour of the cash. They're just trying to make good money and they do make good money through this type of crime.

PETER MCCUTCHEON: The Byron Bay Community Primary School avoided devastation, but its financial officer admits he's a changed man.

Do you think differently now about IT security?

FRANK BINKLEY: Oh, absolutely. I'm like a reformed smoker. Everybody I say, "Do you backup, do you backup offline?" So, I mean, my message to anybody out there - small, whatever: get something in place.